replicating windows 2000 principals

Andreas Hasenack andreas at conectiva.com.br
Thu Feb 6 07:10:39 EST 2003


Em Fri, Sep 27, 2002 at 09:31:12AM +0300, Christos Ricudis escreveu:
> > done that here as well, and it's pretty easy if you use the MIT Kerberos
> > libraries. They will talk to a Windows KDC and retrieve tickets for use with
> > LDAP. Very cool. Chekc out this link:
> > http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.asp
> > 
> > Hope this gets you started in the right direction...
> 
> I know about authentication, my main problem is replication. I had

Well, I saved this email because I knew I would eventually need it :)

Has there been any progress in this area? I need to get something like a
w2k BDC working, and I'm trying ldap, kerberos and samba. Unfortunately,
it seems that samba doesn't play this role yet (not even samba 3, which
I'm using). I also tried the ldap way, but, as some have already said,
this only gets you the account information, not passwords. Now, is there
some way to get the passwords via kerberos perhaps?

Or, is there some tool to dump a w2k password database so that I can feed
it to a samba/ldap/krb5 combo on a linux machine?



More information about the Kerberos mailing list